Deception, Smart Cities, Ransomware on the Program at RSA Conference 2016 Abu Dhabi

RSA Conference 2016 Abu Dhabi is just a few short months away. Our agenda has been carefully selected by an amazing committee of regional experts, achieving a very interesting balance of sessions designed to address issues that are front and center for our attendees from the area. The RSA Conferences outside of the U.S. (Abu Dhabi and Asia Pacific & Japan, which just concluded in Singapore) provide an excellent forum for meeting with other security practitioners in region—networking and consuming content that has been developed specifically with the experience of that part of the world in mind. Our line-up for Abu Dhabi this year definitely delivers on that promise and is not to be missed.

As the content owner for all of the RSA Conferences globally, I sit in the unique position of reading each and every submission that is made for all of our events. I perform this early stage review to determine which of my Program Committee members should review the various submissions, with most being reviewed by multiple members for consideration in various places. We treat each submission with care and confidence. This also gives me the opportunity to “see the forest” as I am fully immersed in the submissions for that region in a short, concentrated period of time, triggering an ability to see trends across content suggestions, verbiage used, and examples cited.

The word cloud provides one way to visualize this data, and other tracking mechanisms help us to really get underneath what seems to be tracking hot in the region as well as what will soon break through. In the U.S., for example, this year we bubbled up some very interesting trends that will be noteworthy to follow year over year; For APJ, likewise we’re in year two of analysis, and already starting to see some unique things in the region. For the U.S., having just celebrated our 25th anniversary, we clearly have far more data to work with—an interesting four-part blog series on the analysis by Wade Baker would definitely be worth your time.

So…let’s talk Abu Dhabi. My single greatest takeaway after reading the submissions was the uptick in sessions that dealt in some way with deception: defending the enterprise by beating malware at its own game. It’s small on the word cloud (which represents the titles and short abstracts of all of the submissions)—but often the small words are the most telling of what’s up and coming.

We started to see this as a very early stage emerging trend in the U.S. with the 2016 submissions, but with the Abu Dhabi submissions we saw even further movement with a greater percentage of submissions addressing it. Submissions also included some breakthrough commentary from the end-user perspective. It’s worth noting the transition from deception as a topic vendors were talking about (and we have great vendor presentations, don’t get me wrong!) to something end-users discuss using real-world experiences. This is definitely a watch this space category—eager to see what emerges on the U.S. stage!

One of my favorite aspects of the Abu Dhabi conference is leadership on the smart city front (which also embraces IoT), with an understanding of the importance of security as a leading consideration vs. an afterthought. Based on tremendous submissions in this arena—and again, that end-user perspective and willingness to share experience and perspective—we have a dedicated track that examines Cloud & Smart City Security. In addition to the track sessions, we are also extremely excited about the two-hour hands-on Learning Lab, Averting a Cyber Safety Crisis: A Cyber Crisis Impacting Public Safety and Trust in Smart Cities, facilitated by The Atlantic Council on November 14 as part of our pre-Conference content offerings.

Learning Labs were introduced in 2015 as a very hands-on, in-depth learning experience, available to a limited number of full-conference attendees (registration is required as participation is capped at 50). In this exercise, participants will react to a mock cyber crisis that triggers severe implications on economic interests, human life, public safety, and global reputation, extending far beyond any single nation’s borders in the Gulf States. They will explore how governments, the private sector, and other actors will need to work together with international partners and allies to respond to an escalating cyber crisis. Participants in this Lab will participate on different teams in this cyber exercise, with commentary and guidance provided by the expert Atlantic Council team.

Not surprisingly, ransomware was on an uptick this year in our Abu Dhabi submission bank. This has certainly been a trend across the globe over the past year, and is one of the fastest growing types of cyber threats organizations are facing, with enterprises in the Middle East emerging as prime targets. Our submissions ranged from the deeply technical to policy to trends-based, analyzing drivers, vertical nuances, and regional directions. Again, the power of the regional RSA Conference events is the ability to look at trends through the lens of the area, with examples and data specific to that area, and we look forward in particular to the detailed discussion on ransomware that will emerge for our attendees.

Submissions this year turned a significant maturity corner. The willingness and interest in information sharing is encouraging, as we know that communities thrive when we’re willing to share specific examples and experiences. The ability to learn from others—through the formal sessions that are presented as well as the informal networking opportunities that an event like RSA Conference Abu Dhabi allows—is powerful. If the submission base is any indication of the quality of the conversations that are ripe to take place in November, this will be an event not to be missed full of actionable content and valuable conversation.